
Security Analyst Resume


SUMMARY:

An experienced cybersecurity/cloud consultant with more than 20 years of hands-on system, design, and development and OS/application/network/cybersecurity experience. Extensive experience in cybersecurity frameworks, identifying system/application/appliance vulnerabilities (C&A), hands-on experience with all virtualization products, performing penetration testing, writing security standards, and making sure business structure is aligned with the current technology (ITIL processes).

TECHNICAL SKILLS:

Operating Systems: Oracle Solaris 11.2, 10, 9, 8, 7, Redhat 7, Oracle Linux 7, Windows 2016, 2012 R2 Datacenter, Windows 2008 R2, 2003-R2, Windows 10 Enterprise, Windows 2000 Advanced Server, Windows NT 4.0/3.51, Windows Professional 8/7/Vista/XP/98/95, AIX 3.2.5-4.2, SCO UNIX 5.0.4c, SGI-IRIX 6.x, HP 10.0, Novell 6.5 (eDirectory 8.7.3), 6.0, 5.x, 4.x, 3.x, CISCO IOS 12, OS2 Warp, and DOS

Protocols: LDAP, SAML 1.0/2.0, XACML, IPX/SPX, IPXODI, TCP/IP (V4 & V6) SMTP, SFTP, TFTP, LPD, BootP, SLIP, PPP, PPTP, L2TP, SAP, ARP/RARP, ICMP, IGMP, IGRP, RIP I-II, NETBIOS

Software Applications & Database Servers: RSA Federated Identity Manager, Bioscrypt VeriSoft Access Manager (SSO), Microsoft Identity Integration Server, Oracle E-Business Suite 11i, Oracle Enterprise Manager 13c, 12c, 10g (Grid Control), Core Impact Security Tool, ISS security tools, Cisco Security Agent CSA 4, SAFELink, OpenView (NNM, Reporter, Internet service), JAZZ for SUN, Oracle Universal Content Management UCM, Oracle (12c, 11g, 10g) Oracle 9iAS, 8.i & 7.3.2 on (NT, HP, SUN, AIX), Citrix Metaframe XPe, XPa NFuse, Weblogic, SQL AnyWhere, Informix, Infomaker, MS SQL server 2000, Power Tool, Oracle Forms & Reports 6i, Active Server Pages ASPs, Java 2, JavaScript, VBScript, HTML, PowerBuilder 4.0-5.0, MS Visual C++, Sybase-10 on AIX, Sybase SQL Server 11 for NT, MS Exchange 2000, PKI, ERwin, PC NFS, RoboHelp, FrontPage 2000/98, Internet Information Server 5.x-4.x, IQ Live, Visual InterDev, Visual Basic, ManageWise, Network Security Agent NSA, TCP/IP, TCP-Wrapper, MS Office 2000/97 (Word, Excel, PowerPoint, Access), Purveyor, Desktop DBA, Erwin/ERX 3.0, MS project management, MS Mail/FAX Servers and SMS, MS VISIO 2002, MS Exchange 2007/2003/2000/5.5, MS Proxy, VERITAS NetBackup 4.2, VERITAS Cluster Server 2.0, Exceed 7.0, SMC/Linksys wireless Technology, Open File Manager 9, Telereach Raritan, Enterprise Symantec Ghost 7.5, Knowwho server (Biometric Application), Tomcat, Apache Web servers, VNC ATT, Actuate Reporting Server, OpenText (LiveLink 9), RSC for SUN, SmartView Tracker R55, MS SharePoint, Snort 2.0, Enterprise Security Manager ESM, PGP Universal & PGP Desktop, Central Symposium 7, Siebel CRM, CryptoStore, Foglight 4.1, webMethod, Remedy, HFNetChk Patch Scan, Collabnet, & COGNOS 8.x & NetIQ 6.5, Oracle Audit Vault 10.2.2, Arcsight Logger 6.x

Security Tools: Burp Suite, CoreImpact, IBM Appscan, OPAM, SDCS-AS, Internet Security System ISS, IBM Proventia, Sourcefire, WebInspect 7.7, SDSAS, DevInspect for Java, Enterprise Security Manager ESM, AppSentry 6.x, Appdetective, Fortify Source Code Analyzer SCA, Program Trace Analyzer PTA, Real-time Analyzer RTA, Ounce Lab 5, Nessus, Cisco Security Agent CSA, Network Security Agent NSA, Snort, OSSEC-HIDS, Hedgehog, Retina & Shavlik Scan, Acunetix Web Vulnerability Scanner, Solaris Security Toolkit 4.2 (JASS), Sentrigo database scanner, BackTrack 5, Metasploit Framework, netcat, nmap, & many other open source security tools.

Forensics Tools & Frameworks: Digital Forensics Framework, Open Computer Forensics Architecture, CAINE, X-Ways Forensics, SIFT, Registry Recon, Libforensics, Volatility, WindowsSCOPE, EnCase Enterprise V7, FTK Imager version 3.2.0, Helix 3 Enterprise, Paraben (Device Seizure, P2 Commander, Network Email Examiner, Forensic Replicator, SIM Card Seizure)

Cybersecurity Activities: Developed plans to establish cybersecurity practice based on National Initiative for Cybersecurity Education NICE and other best practices. Proof of concept for automation of cybersecurity penetration testing and protection of infrastructure IT devices & applications using cutting-edge technologies.

Database Security: Utilizing Oracle Advanced Security (OAS) feature for:

Transparent Data Encryption: using AES with up to 256 bits at the column and/or at the tablespace level.

Utilizing two-factor authentication (smart card) with industry-standard authentication methods (Kerberos, SSL, & PKI)

Wrote my own program for Oracle Database security scanner to validate over 125 security validations.

Identity Management Skills: Oracle Identity & Access Management 11.1.2.3, OES, RSA Federated Identity FIM, MIIS, HP Select Identity, Sun Identity Management System 7.1, Novell Identity Management, IBM Tivoli IDMS, Single Sign-On (SSO), Provisioning, web-Account Self Service, Workflow Automation, Delegated Administration, Role Based Access Control (RBAC), Directory Services, Metadata Synchronization, Web Access Management, Liberty Alliance, SAML 1.0,1.1, 2.0 & Higgins Framework.

VMware 6.5, 5.5/4: ESX/ESXi, vCenter, vCenter Heartbeat, Lab Manager, VI Client, Vmotion, Storage Vmotion, Fault Tolerance FT, Distributed Resource Scheduler DRS, High Availability HA, Capacity IQ, AppSpeed, Site Recovery Manager SRM, Life Cycle Manager LCM, vCenter Converter, Virtual Desktop Manager VDM, License Manager, Update Manager, Cloud Manager CM, Application Discovery Manager ADM, View Administrator, VMware Server, VMware Player, VMware vCenter Orchestrator, VMware vCenter Configuration Manager, VMware Studio, Virtual Appliance (firewall, IDS/IPS), Cloud security (VMware vShield Manager, VMware vShield App, VMware vShield Edge, VMware vShield Endpoint, VMware vShield Zones), VMware Workstation 9/8/7

Oracle: Oracle VM 3.x, Oracle Virtual Box 4.x, Oracle Sun Solaris Zones 11/10

Microsoft: Windows 2016 Datacenter, 2012 R2 Hyper-V

Network Security Appliances: McAfee Network Security Platform (M-8000), Sourcefire SSL 8260, HP TippingPoint S6100N, & IBM Proventia IPS GX6116

LMS, LCMs, & CMS for eLearning: Learning Management Systems (LMS) (Moodle, Docebo, SCORM Cloud), Content Management Systems (CMS) (Oracle Content management, Adobe Web Content management), Learning Content Management Systems (LCMS)

Governance, Standards & Compliance Management: Security Assessment, authorization, & continuous monitoring that implements: (BSIMM4, Sarbanes-Oxley, HIPAA, Gramm-Leach-Bliley, FFIEC, SB1386, HSPD-12, SAS 70, NIST, 30, 39, 53A, FISMA, FIPS 199, OMB A-123, 127 & 130, PCI-DSS Standard & OWASP, SCORM, BSIMM4, NICE, FedRAMP baseline controls & templates), COBIT

Routers/Firewalls: ASA 5500, PIX 515E, CISCO 2500, 2600, 7000, Catalyst, 3COM NetBuilder, Xyplex, Telebit and RAS servers, CISCO (GS3/2500)

Hardware: HP Superdome, Sparc T3, E15k, E25K, RISC 6000, SUN Enterprise 4500, 3500, Sun Fire 280R & Sun Fire V480 Ultra 60, E450 Compaq Proliant DL380 G3, DL360, DL320, SAN 1000, SGI Challenge L, SGI Indigo 2, Cybernetics Robot (Tape unit), Compaq Proliant, HP LH Pro, Super Dome, Intel Pentium systems (IV, III, II, I), CISCO, Catalyst, Precise 100 MC.

PROFESSIONAL EXPERIENCE:

Confidential

Security Analyst

Responsibilities:

  • Implementation of Oracle Advanced Security for TDE
  • Oracle database 12c security hardening
  • Set up cybersecurity best practices for securing applications, operating systems, databases & appliances. Identifying overall vulnerabilities and providing solutions to security issues. Centralization of logs and generating real-time dashboards to identify all types of issues. Application protection through Oracle Access & Identity.
  • Installation and configuration of Oracle 12c RAC on RedHat
  • Installation & configuration of Oracle GoldenGate 12c
  • Installation and configuration of Oracle Audit Vault & Database firewall
  • Installation & configuration of OPAM for auditing
  • Installation & configuration of OEM13c

Confidential, Alexandria, Virginia

Oracle IDM Senior Architect

Responsibilities:

  • Implemented End-2-End SSL configuration for webGates, OAM\OAAM\OIM\SOA\OUD & F5 load balancers.
  • Configuration of Java Keystores and key management.
  • Assisting Cyber security in resolving all existing POAMS (Applications, Oracle IDM, & operating systems)
  • Identify and troubleshoot issues with day to day OAM\OAAM\OIM\OIF\ODSM\OUD.
  • Provided assistance to application developers in integration of their applications into RBAC
  • Plan & track work of project team members
  • Interaction with higher management for project related updates and plans
  • Created standard operating procedures SOP in dealing with LAB and production environments.
  • Created dashboards in Splunk (in real time) to identify real issues at every level, which helped to reduce troubleshooting time.
  • Created many Linux scripts for reporting system status.
  • Configure Oracle Enterprise Manager 12c to alert on all aspects of Oracle IDM, Apache\WebGates, applications and infrastructure services (DNS latency, NTP, Active Directory, storage latency, & F5).
  • Provide Development, Test and 24x7 Production support.
  • Assist with the review, analysis and resolution of Identity and Access Management defects.
  • Assisting Oracle DBAs for mitigating all security database POAMS.
  • Assisting Cyber Security to identify all false positives as a result of continuous diagnostic & monitoring.
  • Review and analyze functional/non-functional requirements.
  • Provide technical support for issues including hands-on troubleshooting.
  • Interface and collaborate with other teams (Development/Test/Functional/Management).
  • Direct hands-on experience with Oracle Identity Manager (OIM) 11g R1/R2 release.
  • Experience with developing solutions for High Availability Requirements (Multi Datacenters) Active-Active.
  • Assist to deploy the solution into development & production.
  • Created entire Oracle Identity & Access Management 11g R2 PS3, OUD, webGate servers, F5 load balancers, Oracle 12c databases, OEM13c, Active Directory 2016, Exchange 2016, Veeam Backup solution in VMware environment.
  • Work extensively with OAM\OAAM, OIM\SOA, OUD and Oracle 12c databases.
  • Provide high level guidelines and insights on technical issues to technical team members
  • Worked with F5 team with VIPs & Cert SANs requirement

Confidential, Arlington, Virginia

Security Architect

Responsibilities:

  • Working with TSA Cyber security in developing technical standards on: Virtualization, System, Application Auditing, & Big DATA
  • Worked on private cloud to provide both IaaS, SaaS & PaaS that provides real-time security visibility, increase automation and continuous monitoring.
  • Developed my own database security scanner using PL/SQL to validate DHL security guidelines.
  • Review of System security plans
  • Review of POAMs, identify false positives and provide solutions to issues
  • Identified vulnerabilities with Windows 2012R2 & 2008 R2
  • Identified vulnerabilities with F5 Loadbalancers
  • Identified vulnerabilities with Weblogic 12c, 10.3.3
  • Identified vulnerabilities with MS SQL 2014, 2008R2/2005
  • Identified vulnerabilities with Bladelogic
  • Identified Vulnerabilities with Oracle Content Management
  • Providing security guidelines for Windows 2008 R2
  • Providing security guidelines for IIS 7.5
  • Providing security guidelines for MS SQL 2008 R2
  • Providing security guidelines for Solaris 11.2 & 10
  • Provided security guidelines for Oracle 12c, 11g R2
  • Providing guidelines for Firewalls compliance
  • Providing guidelines on Windows Group Policy
  • Provided risk analysis on SolarWinds Orion platform
  • Providing guidelines for Windows 2008 R2 Advanced Auditing
  • Providing guidelines on Windows “Errors & Events” used for IDS & IPS
  • Providing security guidelines for NetIQ
  • Identify security bugs and vulnerabilities for applications (Java & .net)
  • Providing security guidelines for VMware Virtualization. In design & security recommendations for VMware vSphere solution, I wrote over 400 security controls.
  • Provide guidelines on Information Leakage and DLP solution
  • Engaging with vendors to resolve security issues
  • Providing guidelines on new technologies and system integration
  • Provided feedback and analysis on system security scan results.
  • Provided feedback to IT security in areas that security tools fail to identify vulnerabilities.
  • Provide feedback on technical standards and build documents
  • Run security scans on Databases, operating systems, Applications & Security Appliances.
  • Provide oversight on Oracle 11g & Solaris implementation
  • BSIMM Version 4 initiative for Software security life cycle.
  • Identifying false positives reported by HIDS agents & NIDS Appliances.
  • Solaris Auditing using BSM, & BART.
  • Implementation of BSIMM4

Confidential, Reston, Virginia

Security Consultant

Responsibilities:

  • Writing Security Hardening Guidelines for Oracle 10g R2, 11g, Oracle E-Business Suite 11i, Solaris 10, Bladelogic, Tibco, COGNOS 8, Big-IP F5 6400, Tomcat Apache 6, & over 20 Applications.
  • Defining System security Categorization
  • Defining System Description with System Boundaries
  • Update Network Diagram and Data Flows
  • Validate Software and Hardware Inventory
  • Identify Business Risk Assessment
  • Identify System Risk Assessment
  • Develop and improve Contingency Plan
  • Plan for Self-Assessment
  • Update the System Security Plan
  • Compliance Measurement
  • Compliance Enforcement
  • Controls Reporting
  • Code Review Automation
  • Proof of concept for Enterprise Auditing System (Hardware, Applications & OSs) OSSEC-HIDS
  • Proof of Concept for Oracle Database Intrusion Detection and Prevention System
  • Application Risk Assessments (Oracle UCM, Bladelogic, Tibco, Oracle SOA, and number of custom Java applications)
  • Provide Assistance in Application configuration, application security hardening, & deployment for Oracle Internet Directory OID, Oracle ESSO, Oracle Access Manager, Oracle Identity Manager, Oracle Audit Vault, Tibco, Oracle UCM & Oracle database 10/11g, Bladelogic.
  • Writing a superset of rules (over 1000 validations) for security best practice code standard in dealing with static code analysis.
  • Created Vulnerability Tracking System using Collabnet to manage security related issues.
  • Appliance Risk Assessments (Big F5 LoadBalancers)

Confidential, Washington, DC

Identity Management Architect

Responsibilities:

  • Responsible for Research, development, designing, testing, and deployment of an Enterprise Federated Identity & Access Management system that includes eAuthentication, & HSPD-12 in SUN/Microsoft/Oracle environments.
  • The design and the integration involve Biometric technology, SSO, PKI, Digital Identity, Identity space, Identity Association, Context providers, and the latest cutting-edge security counter measures for LAN/WAN infrastructure. Responsibility also includes writing application, programming and security standards.
  • Responsibility also included defining the best strategy for phase-by-phase implementation of an Enterprise Identity Management System.
  • Two vendors were selected (Oracle & SUN).
  • Testing all aspects of each solution, like Java Enterprise System (a core set of integrated, enterprise infrastructure services) & Sun IDMS solution.
  • Oracle testing involves over 11 modules as part of an Enterprise IDMS.
  • Created detailed project plan for the incremental implementation of IDMS system.
  • Team lead for development of “Session Directory Service” as part of custom Identity and resource management system.

Confidential

Senior Biometric Eng. and Security IT Specialist Lead.

Responsibilities:

  • Recommend Application Security Architect and performing security assessments on PGP Universal, CryptoStore, webMethods Mainframe adapter 6.1, webMethods EDI, Cisco Security Agent 4.x, Tumbleweed, Lotus Notes, PKI, Nortel Voice over IP system, Remedy, Tivoli Access Manager 5.x, Tivoli Identity Manager, OpsForce, Central Symposium 7.1, VoiceCentra, Remedy, Weblogic, JMS, WebMethod Adapter, Siebel CRM, biltZdocs, HitBox technology, salesforce, Checkpoint firewalls, LAN/WAN security design, and IronPort C1000
  • Testing application security for over 200 areas of vulnerabilities. A few examples are: Code Injection Attacks, Session Security, SQL Injection Attack, Privilege Escalation, Denial of Services, Cross Site Scripting Attacks, Data protection (Static and in transit), Encryption (type & level), Auditing, logging, Session Limits, Compromised Admin Account IDs, Exposure of Resources, Unauthorized Services or Processes, Authentication and Authenticity of Incoming Requests, etc.
  • OS Security Assessment (AIX 5.2, Sun Solaris 9, Novell 6.5, Windows 2003)
  • Risk assessment for 280 Linux Grid clusters
  • Security mitigation for Database shared ID (DB2, Oracle, and MS SQL) auditing, Web Session security design, Enterprise Digital certification management.
  • Security Assessment on CryptoStore.

Confidential

Senior Technical Consultant

Responsibilities:

  • Apply, evaluate, and recommend LAN/WAN Security
  • Designed and implemented PKI, CA, X.509 certificates, Cryptography (DES-3DES)
  • Architecture design and implementation of Citrix Metaframe servers in Farm environment for Confidential /DOT (2500 user system in Active Directory 2000)
  • Design of secure efficient and cost-effective IT infrastructure
  • Install and Setup of Sun System 9 & 8 on Enterprise 4500, Sun Fire 280R & Sun Fire V480
  • Worked with OpenView (NNM, Reporter, Internet Service, and TeleAlert)
  • Setup, configure, and document Checkpoint NG R55 in a cluster environment
  • Configured and setup PIX 515e Firewall
  • Setup and configure CISCO Works 2000 for managing WAN devices (Routers and Switches)
  • Configured SNMP on all TCP/IP devices and setup SNMP Manager
  • Oracle 10g Web base application integration in Windows 2000, SUN, Linux, HP UNIX
  • Configuration and management of TCP/IP for all LAN/WAN devices
  • Configuration of DNS on both Windows and Sun
  • Setup secure (SSL) Tomcat, Apache and IIS Intranet Web Servers
  • Active Directory 2000/2003 Rollout for Confidential projects
  • Installed and configured Linux for Mail and firewall service
  • Security scan of LAN/WAN with the latest tools (ISS & ESM) on the market to ensure government security requirements
  • Setting up Patch management support for Windows and UNIX servers
  • Conduct system level performance analysis
  • Implement “JAZZ” security for SUN servers
  • Admin for Exchange servers, Active Directory, Sun OS, Linux, and DNS servers
  • Setup and configure Mail server on Sun
  • Created log servers to capture all logs from all TCP/IP devices for sending alerts to Admins
  • Installed and configured Oracle 9i R2, 10G, Report servers, and MS SQL 2000
  • Fine-tuned servers (UNIX, Windows) and applications
  • Set up and configured MS cluster system using Compaq DL380 G3 with SAN 1000 Fiber Channel
  • Configure Sun servers with VERITAS Volume manager
  • Implement disaster recovery systems for rapid recovery of servers
  • Wrote VB and Shell scripts for Windows and UNIX environment
  • Implement a backup system for over 100 servers using Omniback
  • Plan and designed a system to track over 90 applications
  • Validate technical documentation on installation, configuration, management and troubleshooting of SUN, Windows, LINUX, CISCO devices and over 90 applications.
  • Install and configured OpenText (Livelink) web application for 2500 user system
  • Participated in many proposal writings
  • Created Information repository in Oracle 9iR2 for IT hardware/software inventory
  • Configure and publish web based applications in Citrix MetaFrame environment
  • Provided Technical Support for Confidential /DOT IRMs in 5 major regions in USA
  • Implementation of intelligent SharePoint to manage multi-organizational projects with Oracle Portal
  • Install Knowwho server for Biometric Security identification

Confidential

Senior System Analyst, DBA Support

Responsibilities:

  • Writing functional requirement for development of reporting capabilities in existing applications.
  • System Administrator support for NT server with Internet Information server. Documentation of LAN/WAN using RoboHelp and VISIO 2000.
  • Administration of eight Solaris Servers and three SGI IRIX systems. (SUN Enterprise 4500 & 3500 with Fiber channel interface to T3 Disk storage System, SUN 450, Ultra 60, SGI Challenge L, SGI Indigo 2, Cybernetics Robot).
  • Assist in migration of Oracle 7 from SGI to SUN with Oracle 8i. DBA support. Installed and configured VERITAS NetBackup 4.2 on Sun Solaris 8 to backup all servers, workstations and all Oracle Databases.
  • Installed and configured SUN Solaris 8 on Enterprise 4500 and 3500 systems.
  • Documenting over fifty pages on installation, configuration and administration of VERITAS NetBackup 4.2. Configuration of SUN T3 RAID Array System.
  • Managing DNS Servers. Installing and evaluating security patches on SUN 8.0.
  • Assisting users with systems related problems in UNIX O.S. by troubleshooting and providing resolution.
  • Documentation of business requirement. Developing Reports using Oracle Report Builder 6i.
  • Creation and maintenance of Oracle Forms, stored procedures and PL/SQL scripts.

Confidential, Rockville, MD

Technology Consultant and Sr. Technical Trainer

Responsibilities:

  • Implementation of client server solutions on LAN/WAN environment.
  • Responsible for design, implementation and maintenance of the network infrastructure, security firewall recommendations, reviewing network and security infrastructure for vulnerability and efficiency, administration, upgrade and maintenance of a multi-server multi-platform network environment.
  • Training clients/students in Windows NT 4.0, Windows 2000 Advance server, Active Directory Server, AIX system administration on RISC6000 servers, SCO UNIX 5, Linux 6.2, CNA/CNE program for Novell 6.0,5.x/4.x/3.x, MS Exchange 2000, MS Proxy, Power Builder 6.0, TCP/IP, Web Servers IIS 4.x and MS SQL Server 2000.
  • Developing Internet applications using Active Server Pages ASP, Java, JavaScript, VBScript, HTML, and Frontpage2000.
  • Implementation of LAN/WAN security in NT/Novell/Unix with Oracle/Informix/Sybase environment.
  • Installation and configuration and training of CISCO routers (CCNA). Setting up DNS, RAS, DHCP and WINS servers. Implementation of SMS.
  • Implementation of Microsoft Cluster Software MSCS on Compaq systems in NT environment.

Confidential, Herndon, VA

System Administrator

Responsibilities:

  • System Administrator responsible for NT 4.0 servers, Oracle database, Informix database, and multiple SCO UNIX servers in C2 security environment.
  • Responsibilities also included documentation of LAN/WAN; wrote procedures regarding the installation and configuration of various operating systems for health care section, entitled MEPRS Project.
  • Provided remote support to different military sites for their LAN/WAN access and resources, as well as guidelines and training sessions for system administrators who came from all over the country to learn how to build Compaq Proliant and HP LH pros NT and SCO servers (including the configuration of RAID 5 systems)
  • Worked with DELPHI programmers in developing wide area network applications.

Confidential, Rockville, MD

Senior Technology Consultant

Responsibilities:

  • Implementation of client server solutions for Fortune 500 companies - last two clients: Binney & Smith, PA, USA and Imperial Tobacco Ltd., Montreal, Canada.
  • Maintain project plans and the development of interfaces between Confidential supply chain management software and Oracle or Sybase databases in HP, AIX and NT server environments.
  • Provide DBA and system administrators with tips on planning, tuning, security, configurations and upgrades; wrote C++ program to transmit data between EDI and legacy database servers.
